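/**
 * pri_id()
 * Returns the print-shop id of the current visitor (checked on the server side).
 * When the session holds no id, tries to log in from the `token` cookie and
 * stores the resulting id in the session.
 *
 * @param string|null $redirect_url URL to redirect to when no print-shop login
 *                                  is found; empty means no redirect
 * @return int print-shop id, or 0 when not authenticated and no redirect URL was given
 */
function pri_id($redirect_url = null)
{
    $id = session('pri_id');
    if ($id) {
        return $id;
    }

    // The cookie value is only accepted when it is 32-63 word characters long.
    // NOTE(review): the pattern is hard-coded here; if the project keeps a shared
    // token pattern in its config, both should agree - TODO confirm.
    $token = I('cookie.token', null, '/^\\w{32,63}$/');
    if ($token) {
        $info = auth_token($token);
        // A rejected token may yield a non-array result (e.g. null - confirm against
        // auth_token()). Without this guard, a missing 'type' would be loosely
        // compared with the configured constant and could match a falsy value
        // such as 0, writing an empty id into the session.
        if (is_array($info) && isset($info['type'], $info['id']) && $info['type'] == C('PRINTER_WEB')) {
            // NOTE(review): the session id is not regenerated at this login step;
            // regenerating it on the privilege change would limit session fixation.
            session('pri_id', $info['id']);
            return $info['id'];
        }
    }

    if ($redirect_url) {
        redirect($redirect_url);
    } else {
        return 0;
    }
}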
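/**
 * admin_id()
 * Checks admin privileges for the current visitor.
 * When the session holds no admin id, tries to log in from the `token` cookie
 * and stores the resulting id in the session.
 *
 * @param string|null $redirect_url URL to redirect to when no admin login is
 *                                  found; empty means no redirect
 * @return int admin id when the visitor has admin privileges, 0 when not
 *             authenticated and no redirect URL was given
 */
function admin_id($redirect_url = null)
{
    $id = session('admin_id');
    if ($id) {
        return $id;
    }

    // The accepted token format comes from the REGEX_TOKEN config entry.
    $token = I('cookie.token', null, C('REGEX_TOKEN'));
    if ($token) {
        $info = auth_token($token);
        // A rejected token may yield a non-array result (e.g. null - confirm against
        // auth_token()). Without this guard, a missing 'type' would be loosely
        // compared with the configured constant and could match a falsy value
        // such as 0, writing an empty id into the admin session.
        if (is_array($info) && isset($info['type'], $info['id']) && $info['type'] == C('ADMIN')) {
            // NOTE(review): the session id is not regenerated at this login step;
            // regenerating it on the privilege change would limit session fixation.
            session('admin_id', $info['id']);
            return $info['id'];
        }
    }

    if ($redirect_url) {
        redirect($redirect_url);
    } else {
        return 0;
    }
}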
case "application/json": $data = json_decode($raw); $name = isset($data["name"]) ? $data["name"] : false; break; case "application/x-www-form-urlencoded": parse_str($raw, $data); $name = isset($data["name"]) ? $data["name"] : false; break; default: return error(400, "Content type not supprted."); } if ($name === false) { return error(400, "Name field is missing."); } $addr = $_SERVER['REMOTE_ADDR']; $token = auth_token(); $id = fetch("SELECT MAX(ID)+1 as id FROM devices")[0]["id"]; if (!$id) { $id = 1; } global $db; $q = $db->prepare("INSERT INTO devices (ID, Name, Address, Auth_Token) VALUES (:id, :name, :addr, :token)"); if (!$q->execute(array(":id" => $id, ":name" => $name, ":addr" => $addr, ":token" => $token))) { return error("failure", REST::preferred("text/html") ? "Failed to register the device." : "-1"); } // REPLY / RENDER // REST::response_code("created"); header('Location: ' . lnk("/devices/{$id}")); header('Authorization: ' . $token); if (!REST::preferred("text/html") && !REST::preferred("application/json")) { echo $id . " " . $token;
/**
 * auth()
 * Authenticates the current request from the token returned by get_token().
 *
 * @return mixed false when get_token() yields no token; otherwise whatever
 *               auth_token() returns for it. Per the original header that is
 *               an $info array with $info['id'] (user id) and $info['type']
 *               (user type), or null when verification fails - confirm
 *               against auth_token().
 * @version 1.1
 * @author NewFuture
 */
function auth()
{
    $candidate = get_token();
    if (!$candidate) {
        // No token on the request: report failure without calling auth_token().
        return false;
    }

    return auth_token($candidate);
}
$xml = new SimpleXMLElement($dbName, 0, true); $user = $xml[0]->addChild('user'); $user->addChild('email', $email); $user->addChild('realname', $name); $user->addChild('time', time()); $xml->asXML($dbName); $sent = true; $e .= $sent; } echo $e; } //TOKEN } else { // ====================================== // NO AJAX $secret = auth_token($yourKey); if (isset($_POST['send'])) { $token = $_POST['token']; if (is_token_valid($token, $yourKey)) { $email = trim($_POST['email']); $name = trim($_POST['name']); $xml = new SimpleXMLElement($dbName, 0, true); //email blank? if ($email == "") { $e .= "<li>" . $lang['emptyEmail'] . "</li>"; } else { //email filled //valid email? if (!check_email_address($email)) { $e .= "<li>" . $lang['invalidEmail'] . " <strong>{$email}</strong> " . $lang['invalidEmail2'] . "</li>"; }